Skip to main content

Squid Proxy Server

Install and Configure Squid Proxy Server 


Introduction 

Squid is an excellent open source web caching proxy package but is requires quite a lot of tuning to achieve the kind of performance seen in commercial proxies. This report present several independently useful ideas for tuning a web caching system 

Squid Proxy overview 

Squid is a Unix-based proxy server that caches Internet content closer to a requestor than its original point of origin. Squid supports caching of many different kinds of Web objects, including those accessed through HTTP and FTP. Caching frequently requested Web pages, media files, and other content accelerates response time and reduces bandwidth congestion. A Squid proxy server is generally installed on a separate server than the Web server with the original files. Squid works by tracking object use over the network. Squid will initially act as an intermediary, simply passing the client's request on to the server and saving a copy of the requested object. If the same client or multiple clients request the same object before it expires from Squid's cache, Squid can then immediately serve it, accelerating the download and saving bandwidth and Website operators frequently will put a Squid proxy server as a content accelerator, caching frequently viewed content and easing loads on Web servers. Content delivery networks and media companies employ Squid proxy servers and deploy them throughout their networks to improve the experience of viewers requesting programming, particularly for load balancing and handling traffic spikes for popular content. Squid is provided as free, open source software and can be used under the GNU General Public License (GPL) of the Free Software Foundation. Squid was originally designed to run on Unix-based systems but can also be run on Windows machines. Squid was originally an outgrowth of the Harvest Project, an ARPA-funded open source information gathering, and storage tool. "Squid" was the code name used to differentiate the project when development in the new direction was initially begun

Supported Protocols 

Squid supports the following incoming protocol request types (when the proxy requests are sent in HTTP format)

  • HyperText Transfer Protocol (HTTP), which is the specification that the WWW is based on. File Transfer Protocol (FTP) 2
  •  Gopher
  • Wide Area Information Services (WAIS) (With the appropriate relay server.)
  • Secure Socket Layer - which is used for secure online transactions.

 Inter-Cache and Management Protocols 


  • HTTP, which is used for retrieving copies of objects from other caches.
  • Internet Cache Protocol (ICP). ICP is used to find out if a specific object is in another cache's store. 
  • Cache Digests. This protocol is used to retrieve an index of objects in another cache's store. When a cache receives a request for an object it does not have, it checks this index to determine which cache does have the object.
  • Simple Network Management Protocol (SNMP). Common SNMP tools can be used to retrieve information about your cache.
  • Hyper Text Caching Protocol (HTCP). Though HTCP is not widely implemented, Squid is in the process of incorporating the protocol


Installing Squid Proxy Server

Squid can be installed using the source code or binary package 

Installing Squid from source code

 Installing Squid from source code is a three step process: 

  1. Select the features and operating system-specific settings.
  2. Compile the source code to generate the executables. 
  3. Place the generated executables and other required files in their designated locations for Squid to function properly.

Installing Squid from binary

 Squid binary packages are available in the software repositories of most operating systems and we can install them by using the package managers provided by the respective operating systems. 

Fedora, CentOS or Red Hat

 Yum is a popular package manager on RPM-based operating systems. Squid RPM is available in the Fedora, CentOS, and Red Hat repositories. To install Squid, we can simply use the following command: yum install squid

Debian or Ubuntu 


We can use apt-get to install Squid on Debian or Ubuntu: apt-get install squid3 

FreeBSD 


Squid is available in the FreeBSD ports collection. The following command can be used to install Squid on FreeBSD: pkg_add -r squid31 For more information on package management in FreeBSD, please go to http://www.freebsd.org/doc/handbook/packages-using.html. 

OpenBSD or NetBSD


 Installing Squid on OpenBSD or NetBSD is similar to installing it on FreeBSD and can be performed using the following command: pkd_add squid31 To learn more about the package management system in OpenBSD and NetBSD, please refer to http://www.openbsd.org/ports.html#Get and http://www.netbsd.org/docs/pkgsrc/using.html#installing-binary-packages respectively.

Dragonfly BSD 


To install Squid on Dragonfly BSD, we can use the following command: pkg_radd squid31 For more information on installing binary packages on Dragonfly BSD, please visit http://www.dragonflybsd.org/docs/newhandbook/pkgsrc/

Gentoo


 We can install Squid on Gentoo Linux using emerge, as shown next: emerge =squid-3.1*

Arch Linux


 To install Squid on Arch Linux, we can use the package manager pacman, as shown in the following command: pacman -S squid For more information on pacman, please visit https://wiki.archlinux.org/index.php/Pacman Next chapter 


onward all configuration command based Debian or Ubuntu because we are used Debian for Operating system 


Basic Configuration in Squid proxy


The default configuration file is probably right for 90% of installations - once you have Squid running, you should change the configuration file one option at a time. Squid configuration file locate on /etc/squid/squid.conf




Setting Squid’s HTTP port


The first option in the squid.conf file sets the HTTP port(s) that Squid will listen to for incoming requests

http_port 3128

Store cache data


The cache_dir operator in the squid.conf file is used to define cache directory, its path, type and size
cache_dir Type Directory-Name Mbytes Level1 Level2 [options]
Eg-:cache_dir ufs /usr/local/squid/var/cache/ 100 16 256

Access Control Lists and Access Control Operators


This is used for filtering based on the acl matchings. If none of the "access" lines cause a match, the default is the opposite of the last line in the list. If the last line was denied, then the default is allowed. Conversely, if the last line is allowed, the default will be denied. For these reasons, it is a good idea to have a "deny all" or "allow all" entry at the end of your access lists to avoid potential confusion

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access allow all

Set Host Name


unique_hostname Anusha

visible_hostname Anusha

Browser Configuration



Squid is the server half of a client-server relationship, after that server configuration we must configure the client. Actually, client configuration mean our web browser configuration. Figure 5.1 show how to configure web browser


Squid Proxy Server 3.0 Configuration Manual------>


Comments

Post a Comment

Popular posts from this blog

Installing Check Point Client(NSX) in Ubuntu 18.04 LTS

Installing Check Point Client(NSX) in  Ubuntu 18.04 LTS Hiii all today I'm going to describe how to install Check Point VPN Client on your UNIX machine. As of build 800007075 Checkpoint no longer support using the Native Client on the command line. This prevents scripting logins, and also requires a heavy desktop when we were able to survive with a headless server. Access is still possible, but only via the “SSL Network Extender“. This is a major pain as it requires X server, Oracle Java, and the FireFox browser to run. Chrome gives this helpful message on the Java website: Before installing we need to check the prerequisites of the NSX. Ubuntu 18.0 Let's open Ubuntu terminal and run below commands. sudo su  apt-get install libnss3-tools apt-get install xterm apt-get update apt-get install libstdc++5:i386 libpam0g:i386 libx11-6:i386 apt install default-jre             apt install openjdk-11-jre-headless apt...
Post a Comment
Read more

Lets Hack Facebook

Create Facebook Phishing site Warning & Disclaimer:  Making a phishing page is not illegal, but using a phishing page is illegal. This tutorial is just to show you, "How to create phishing page?". If you use this to hack anyone account, then I AM not responsible for it. Do anything at your own risk. The creating Facebook phishing site is the most popular topic in today. so today I am going to explain how to create the best phishing site and how it sends to victims. The tutorial has 3 parts Mirror Facebook page create phishing page hosts site URL Masking Let's start.... Mirror Facebook Page Create best phishing page you need some skills that are social engineer skill. what is the social engineer skill ?? basically, social engineering is the get idea about victims looking her/his facebook ,body or chatting and grab his or her likes. Today I am going to phishing guy or girl who loves free gifts like iPhone 6 ...
Post a Comment
Read more

MS SQL Recovery Pending Fix(සිංහල)

අද මම කියන්න යන්නේ SQL Server එකේ අපි කාටත් මූන පාන්න වෙන ගැටලුවක් ඒ තමයි Recovery Pending State එක. මේ issue එක fix කරන්න කලින් SQL Database status මොනාද Recovery pending  ඇතිවෙන්න හේතු මොනාද කියලාබලමු SQL Database States  😀Online - DB එක ප්‍රශ්නයක් නැතුව   accessible  පුළුවන් state එකක් තමයි මේ. 😟 Suspect - මේ කියන state එකනම් අවුලක් තියෙනවා මේ state එකේ තියෙනවා කියන්නෙ DB එක fail වෙන්න තියෙන ඉඩ වැඩියි ඒකට හේතුව තමයි transaction logs damage වෙලා තියෙන එක ඒ නිසා DB එකට recovery හරි transaction rollback එකට යන්න බැරුව suspect වෙලා තියෙනවා  🙁 Recovery Pending - මේ state එකේදී SQL Server එක දන්නවා recovery එකක් ඔනී කියලා නමුත් ඒක start කරන්න තියෙන නොහැකියාව නිසා තමයි DB එක මේ state එකට යන්නේ.හැබැයි මේ අවස්ථාව suspect අවස්ථාවම නෙවෙයි මොකද මෙතනදි recovery එක fail වෙලා නෑ මේක start කරගන්න බැරි කමක් තියෙන්නේ  Recovery Pending වෙන්න ගොඩක් හේතු බලපානවා ඒවගෙන් ප්‍රදාන දේවල් ටිකක් මම කියන්නම් 1) DB එක හරියාකාරව shutdown වෙලා නෑ ...
Post a Comment
Read more